security and data privacy
play

Security and Data Privacy Instructor: Pratiksha Thaker - PowerPoint PPT Presentation

Sep 18, 2023 •657 likes •1.53k views

Security and Data Privacy Instructor: Pratiksha Thaker cs245.stanford.edu Outline Security requirements Key concepts and tools Differential privacy Other security tools CS 245 2 Outline Security requirements Key concepts and tools

  1. Security and Data Privacy Instructor: Pratiksha Thaker cs245.stanford.edu

  2. Outline Security requirements Key concepts and tools Differential privacy Other security tools CS 245 2

  3. Outline Security requirements Key concepts and tools Differential privacy Other security tools CS 245 3

  4. Why Security & Privacy? CS 245 4

  5. Why Security & Privacy? Data is valuable & can cause harm if released » Example: medical records, purchase history, internal company documents, etc Data releases can’t usually be “undone” Security policies can be complex » Each user can only see data from their friends » Analyst can only query aggregate data » Users can ask to delete their derived data CS 245 5

  6. Why Security & Privacy? It’s the law! New regulations about user data: US HIPAA: Health Insurance Portability & Accountability Act (1996) » Mandatory encryption, access control, training EU GDPR, CA CCPA: (2018) » Users can ask to see & delete their data PCI DSS: Payment Card Industry standard (2004) » Required in contracts with MasterCard, etc CS 245 6

  7. Consequence Security and privacy must be baked into the design of data-intensive systems » Often a key differentiator for products! CS 245 7

  8. The Good News Declarative interface to many data-intensive systems can enable powerful security features » One of the “big ideas” in our class! Example: System R’s access control on views read arbitrary write SQL query SQL Tables View Users CS 245 8

  9. Outline Security requirements Key concepts and tools Differential privacy Other security tools CS 245 9

  10. Some Security Goals Access Control: only the “right” users can perform various operations; typically relies on: » Authentication: a way to verify user identity (e.g. password) » Authorization: a way to specify what users may take what actions (e.g. file permissions) Auditing: system records an incorruptible audit trail of who did each action CS 245 10

  11. Some Security Goals Confidentiality: data is inaccessible to external parties (often via cryptography) Integrity: data can’t be modified by external parties Privacy: only a limited amount of information about “individual” users can be learned CS 245 11

  12. Clarifying These Goals Say our goal was access control : only Matei can set CS 245 student grades on Axess What scenarios should Axess protect against? 12

  13. Clarifying These Goals Say our goal was access control : only Matei can set CS 245 student grades on Axess What scenarios should Axess protect against? 1. Bobby T. (an evil student) logging into Axess as himself and being able to change grades 13

  14. Clarifying These Goals Say our goal was access control : only Matei can set CS 245 student grades on Axess What scenarios should Axess protect against? 1. Bobby T. (an evil student) logging into Axess as himself and being able to change grades 2. Bobby sending hand-crafted network packets to Axess to change his grades 14

  15. Clarifying These Goals Say our goal was access control : only Matei can set CS 245 student grades on Axess What scenarios should Axess protect against? 1. Bobby T. (an evil student) logging into Axess as himself and being able to change grades 2. Bobby sending hand-crafted network packets to Axess to change his grades 3. Bobby getting a job as a DB admin at Axess 15

  16. Clarifying These Goals Say our goal was access control : only Matei can set CS 245 student grades on Axess What scenarios should Axess protect against? 1. Bobby T. (an evil student) logging into Axess as himself and being able to change grades 2. Bobby sending hand-crafted network packets to Axess to change his grades 3. Bobby getting a job as a DB admin at Axess 4. Bobby guessing Matei’s password 16

  17. Clarifying These Goals Say our goal was access control : only Matei can set CS 245 student grades on Axess What scenarios should Axess protect against? 1. Bobby T. (an evil student) logging into Axess as himself and being able to change grades 2. Bobby sending hand-crafted network packets to Axess to change his grades 3. Bobby getting a job as a DB admin at Axess 4. Bobby guessing Matei’s password 5. Bobby blackmailing Matei to change his grade 17

  18. Clarifying These Goals Say our goal was access control : only Matei can set CS 245 student grades on Axess What scenarios should Axess protect against? 1. Bobby T. (an evil student) logging into Axess as himself and being able to change grades 2. Bobby sending hand-crafted network packets to Axess to change his grades 3. Bobby getting a job as a DB admin at Axess 4. Bobby guessing Matei’s password 5. Bobby blackmailing Matei to change his grade 6. Bobby discovering a flaw in AES to do #2 18

  19. Threat Models To meaningfully reason about security, need a threat model : what adversaries may do » Same idea as failure models! For example, in our Axess scenario, assume: » Adversaries only interact with Axess through its public API » No crypto algorithm or software bugs » No password theft Implementing complex security policies can be hard even with these assumptions! CS 245 19

  20. Threat Models No useful threat model can cover everything » Goal is to cover the most feasible scenarios for adversaries to increase the cost of attacks Threat models also let us divide security tasks across different components » E.g. auth system handles passwords, 2FA CS 245 20

  21. Threat Models CS 245 Source: XKCD.com 21

  22. Useful Building Blocks Encryption: encode data so that only parties with a key can efficiently decrypt Cryptographic hash functions: hard to find items with a given hash (or collisions) Secure channels (e.g. TLS): confidential, authenticated communication for 2 parties CS 245 22

  23. Security Tools from DBMSs First-class concept of users + access control » Views as in System R, tables, etc Secure channels for network communication Audit logs for analysis Encrypt data on-disk (perhaps at OS level) CS 245 23

  24. Modern Tools for Security Privacy metrics and enforcement thereof (e.g. differential privacy) Computing on encrypted data (e.g. CryptDB) Hardware-assisted security (e.g. enclaves) Multi-party computation (e.g. secret sharing) CS 245 24

  25. Outline Security requirements Key concepts and tools Differential privacy Other security tools CS 245 25

  26. Threat Model queries queries Table with Database private data server Data analysts • Database software is working correctly • Adversaries only access it through public API • Adversaries have limited # of user accounts CS 245 26

  27. Private statistics SELECT AVG(income) FROM professors WHERE state= “ California ” 27

  28. Private statistics Are aggregate statistics more private than individual data? SELECT AVG(income) FROM professors WHERE state= “ California ” SELECT AVG(income) FROM professors WHERE name= “ Matei Zaharia ” 28

  29. Private statistics Are aggregate statistics more private than individual data? No! SELECT AVG(income) FROM professors WHERE state=“ California ” SELECT AVG(income) FROM professors WHERE name=“ Matei Zaharia ” 29

  30. Private statistics 30

  31. Private statistics 31

  32. Idea: differential privacy A contract for algorithms that output statistics 32

  33. Idea: differential privacy A contract for algorithms that output statistics Intuition: the function is differentially private if removing or changing a data point does not change the output "too much" 33

  34. Idea: differential privacy A contract for algorithms that output statistics Intuition: the function is differentially private if removing or changing a data point does not change the output "too much" Intuition: plausible deniability 34

  35. Idea: differential privacy A contract for algorithms that output statistics For A and B that differ in one element , 35

  36. Idea: differential privacy A contract for algorithms that output statistics For A and B that differ in one element , Randomized algorithm that computes statistic 36

  37. Idea: differential privacy A contract for algorithms that output statistics For A and B that differ in one element , Any subset of possible outcomes 37

  38. Idea: differential privacy A contract for algorithms that output statistics For A and B that differ in one element , Privacy parameter Smaller ε ~= more privacy, less accuracy 38

  39. What Does It Mean? Say an adversary runs some query and observes a result Adversary had some set of results, S , that lets them infer something about Matei if Then: ≈ 1+ε Similar outcomes whether or not Matei in DB CS 245 39

  40. What Does It Mean? Private information is noisy. Can we determine anything useful? CS 245 40

  41. What Does It Mean? Private information is noisy. Can we determine anything useful? Query: SELECT COUNT(*) FROM patients WHERE causeOfDeath = ... Assume ε =0.1 CS 245 41

  42. What Does It Mean? CS 245 42

  43. What Does It Mean? CS 245 43

  44. What Does It Mean? With enough base signal, DP can still give useful information! CS 245 44

  45. Side Information Consider the following query: SELECT AVG(income) FROM professors WHERE state=“CA” 45

Recommend

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides
Be,er Privacy and Security via Secure Computa9on Jonathan Katz Security/privacy would be much

Be,er Privacy and Security via Secure Computa9on Jonathan Katz Security/privacy would be much

Be,er Privacy and Security via Secure Computa9on Jonathan Katz Security/privacy would be much easier if there were someone we could all TRUST with our data Be8er data mining -- using MORE data, while respec@ng users PRIVACY

888 views • 35 slides
Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data Protecting Personal Data Privacy & Security Project HIPAA: What it is Health Insurance Portability and Accountability Act of 1996 Also known as

445 views • 26 slides
Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned

Healthcare privacy and security Li Xiong CS573 Data Privacy and Security Patients Are Concerned Did you know... 77 percent of all Americans feel their personal health information privacy is very important, and 84 percent said they

769 views • 50 slides
CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local Differential Privacy in Practice (Module 1) Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang Differential

819 views • 38 slides
Data Privacy Law Overview Privacy Protections (D) Working Group Jennifer McAdam Senior Counsel

Data Privacy Law Overview Privacy Protections (D) Working Group Jennifer McAdam Senior Counsel

Data Privacy Law Overview Privacy Protections (D) Working Group Jennifer McAdam Senior Counsel DECEMBER 8, 2019 Data Privacy vs. Data Security Data Privacy Data Security How data is collected & How data is stored & used

465 views • 23 slides
CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt //

CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt //

CS573 Data Privacy and Security Location Privacy Location Privacy Yonghui (Yohu) Xiao htt // http://yxiao.info i i f Outline Outline What is Location Privacy Basic Techniques Private Information Retrieval Probabilistic

415 views • 24 slides
CS573 Data Privacy and Security Li Xiong Department of Mathematics and Computer Science Emory

CS573 Data Privacy and Security Li Xiong Department of Mathematics and Computer Science Emory

CS573 Data Privacy and Security Li Xiong Department of Mathematics and Computer Science Emory University Today Meet everyone in class Course overview Why data privacy and security What is data privacy and security What we

810 views • 70 slides
Beyond the Basics: Recent Developments in Global Data Privacy and Security David Bender Special

Beyond the Basics: Recent Developments in Global Data Privacy and Security David Bender Special

Beyond the Basics: Recent Developments in Global Data Privacy and Security David Bender Special Counsel, Data Privacy GTC Law Group Distinguished Fellow, Ponemon Institute The Universe of Current Privacy Concerns n The Privacy world is today

698 views • 40 slides
GTC Data Privacy & Security Training November 3, 2017 Hosted by 1 SPECIAL THANKS TO ....

GTC Data Privacy & Security Training November 3, 2017 Hosted by 1 SPECIAL THANKS TO ....

GTC Data Privacy & Security Training November 3, 2017 Hosted by 1 SPECIAL THANKS TO .... EMILY CHANG ASSISTANT GENERAL COUNSEL, DIRECTOR 2 GTC DATA PRIVACY & SECURITY GROUP gtclawgroup.com 3 PLEASE GIVE YOUR QUESTION CARDS TO:

984 views • 34 slides
Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference control Anonymization problem Anonymization notions and approaches (and how they fail to work!) k-anonymity l-diversity t-closeness

741 views • 51 slides
Global Privacy and Data Security Developments2013 By Katherine Ritchey, Mauricio Paez,

Global Privacy and Data Security Developments2013 By Katherine Ritchey, Mauricio Paez,

Global Privacy and Data Security Developments2013 By Katherine Ritchey, Mauricio Paez, Veronica McGregor, and Maria Sendra* Privacy and data security continue to be a focus for corporations, regulators, law enforcement, and consumer groups

282 views • 10 slides
Li Xiong CS573 Data Privacy and Security

Li Xiong CS573 Data Privacy and Security

Li Xiong CS573 Data Privacy and Security Security Engineering by Ross Anderson, 2001 Its function is to control which

422 views • 40 slides
Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology

Security and Privacy in the Cloud Mayer Brown LLP: Cybersecurity and Data Privacy / Technology Transactions Practice Groups November 14, 2017 Linda Rhodes Joe Pennell Brad Peterson Partner Partner Partner 202-263-3382 312-701-8354

313 views • 29 slides
CCPA - How To Do It Tanya Forsheit, Chair, Privacy & Data Security Group, Frankfurt Kurnit

CCPA - How To Do It Tanya Forsheit, Chair, Privacy & Data Security Group, Frankfurt Kurnit

CCPA - How To Do It Tanya Forsheit, Chair, Privacy & Data Security Group, Frankfurt Kurnit Klein & Selz Beth Hill, General Counsel & Chief Compliance Officer, FordDirect Maggie Mansourkia Mobley, Advisor, Privacy Matters Privacy &

524 views • 26 slides
CS573 Data Privacy and Security Differential Privacy Real World Deployments Li Xiong

CS573 Data Privacy and Security Differential Privacy Real World Deployments Li Xiong

CS573 Data Privacy and Security Differential Privacy Real World Deployments Li Xiong Applying Differential Privacy Real world deployments of differential privacy OnTheMap RAPPOR Module 4 Tutorial: Differential Privacy in the Wild

617 views • 30 slides
Trends in Data Security and Privacy Li7ga7on and Insurance 2015 Verizon Data Breach Report

Trends in Data Security and Privacy Li7ga7on and Insurance 2015 Verizon Data Breach Report

4/16/16 Trends in Data Security and Privacy Li7ga7on and Insurance 2015 Verizon Data Breach Report 79,790 security incidents 2,122 confirmed data breaches Top industries affected: Public, Informa7on, and Financial Services (same as

181 views • 14 slides
Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

5/18/2016 Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B. Authentication 12C. Authorization Security and Privacy 12D. Trust 12E. At-Rest Encryption Mark Kampe (markk@cs.ucla.edu) Security and Privacy

116 views • 8 slides
CO 445H MOBILE PLATFORM SECURITY AND MOBILE PRIVACY Dr. Benjamin Livshits Privacy International

CO 445H MOBILE PLATFORM SECURITY AND MOBILE PRIVACY Dr. Benjamin Livshits Privacy International

CO 445H MOBILE PLATFORM SECURITY AND MOBILE PRIVACY Dr. Benjamin Livshits Privacy International Data Tracking 2 http://privacyinternational.org/feature/2433/i-asked-online-tracking-company-all-my-data-and-heres-what-i-found Two Main Attack

986 views • 63 slides
SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY

SECURITY, ADVERSARIAL SECURITY, ADVERSARIAL LEARNING, AND PRIVACY LEARNING, AND PRIVACY Christian Kaestner with slides from Eunsuk Kang Required reading: Hulten, Geoff. "Building Intelligent Systems: A Guide to Machine Learning

1.95k views • 113 slides
Privacy Architecture for Data-Driven Innovation Nishant Bhajaria What is privacy? Unlike

Privacy Architecture for Data-Driven Innovation Nishant Bhajaria What is privacy? Unlike

Privacy Architecture for Data-Driven Innovation Nishant Bhajaria What is privacy? Unlike Security, privacy can be hard to define. Confidential Intro - Nishant Bhajaria Staff Privacy Architect History: Nike Netflix

1.02k views • 83 slides
Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud Computing Services for Educational Institutions Presented by: Cristina Blanton Erin Fonte Associate Systemwide Compliance and Member, Privacy

310 views • 28 slides
Addressing Your Number 1 Security Risk: Data Privacy, Data Encryption A Complimentary

Addressing Your Number 1 Security Risk: Data Privacy, Data Encryption A Complimentary

Addressing Your Number 1 Security Risk: Data Privacy, Data Encryption A Complimentary Webinar From healthsystemCIO.com Sponsored by Proofpoint Your Line Will Be Silent Until Our Event Begins at 12:00 ET Thank You! Slide Deck:

468 views • 22 slides

More recommend